CN103873887A - Request program playing method, device and system - Google Patents
Request program playing method, device and system Download PDFInfo
- Publication number
- CN103873887A CN103873887A CN201210541397.6A CN201210541397A CN103873887A CN 103873887 A CN103873887 A CN 103873887A CN 201210541397 A CN201210541397 A CN 201210541397A CN 103873887 A CN103873887 A CN 103873887A
- Authority
- CN
- China
- Prior art keywords
- program
- request
- cek
- request program
- program data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
This invention provides a request program playing method, a device and a system. The method comprises that a server terminal transmits encrypted program data of the request program to a user terminal, wherein the encrypted program data comprises encrypted control information and program data load cryptograph; the user terminal obtains identifiers ID of the request program from the encrypted control information, obtains prestored license of the request program according to the ID identifiers of the request program and obtains content encrypted key (CEK) corresponding to the request program from the license; and the user terminal utilizes the content encrypted key (CEK) corresponding to the request program to perform decoding on the program data load cryptograph to obtain program data load and play the program data load. The embodiment of the invention realizes the controlled playing of the request program and greatly improves the safety of the request program.
Description
Technical field
The present invention relates to electrical application technology field, relate in particular to a kind of player method, device and system of request program.
Background technology
At present, Internet technology, mobile communication technology and broadcast television technique are in the ascendant, and on this basis, the IPTV video frequency program take television set, display etc. as display terminal becomes the main flow service that program is play gradually.
As an industry, provide the server end of IPTV video frequency program to collect certain expense to user side.At present, IPTV utilizes IP network to carry out transmission of video program, expressly to send digitized program, or digitized program is carried out to simple encryption sends to user side, thereby can have many potential safety hazards in the transmitting procedure of digitized program.For example, lawless person can intercept and capture unencrypted video frequency program easily, or can decode the video frequency program after simple encryption with the shorter time, like this, lawless person just can carry out the pirate and diffusion of program easily, thereby the interests of infringement server end, affect the sound development of this industry.
Summary of the invention
Embodiments of the invention provide a kind of player method, device and system of request program, the fail safe of playing to improve request program.
A player method for request program, comprising:
Server end sends the ciphered program data of request program to user side, described ciphered program data comprise ciphering control message and program data load ciphertext;
Described user side obtains the mark ID of described request program from described ciphering control message, obtains the licence of pre-stored described request program according to the ID of this request program, obtains contents encryption key CEK corresponding to described request program from this licence;
Described user side utilizes CEK corresponding to described request program to be decrypted described program data load ciphertext, obtains program data load, and this program data load is play.
A server end of managing request program, comprising:
Licence release module, is used to each request program to distribute a mark ID, for each request program generates a CEK, the licence of request program is sent to user side, and described licence comprises CEK corresponding to request program and mark ID;
Program data encrypting module, for the program data load of request program being encrypted with CEK corresponding to request program, obtain program data load ciphertext, encryption identification position and the ID of request program are packaged into ciphering control message, the encryption identification position of described request program is used to refer to this request program and encrypts, and described ciphering control message and program data load ciphertext is packaged into the ciphered program data of described request program;
Program data release module, for receiving the playing request of the described request program that described user side sends, sends the ciphered program data of request program to user side.
A user side for play-on-demand program, comprising:
License obtainment module, the licence of the request program sending for reception server end, described licence comprises CEK corresponding to request program and mark ID, and the licence of described request program is stored;
Program data receiver module, the ciphered program data of the request program sending to user side for reception server end, described ciphered program data comprise ciphering control message and program data load ciphertext;
Program data deciphering module, for obtaining the mark ID of described request program from described ciphering control message, obtain the licence of pre-stored described request program according to the ID of this request program, from this licence, obtain contents encryption key CEK corresponding to described request program, utilize CEK corresponding to described request program to be decrypted described program data load ciphertext, obtain program data load
Program playing module, for playing described program data load.
A Play System for request program, comprising: described server end and described user side.
The technical scheme being provided by the embodiment of the invention described above can be found out, the embodiment of the present invention sends the licence of request program to user side by server end, user side utilize CEK in licence to program data load decipher, realize the controlled broadcasting of request program, greatly improved the fail safe that request program is play.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, below the accompanying drawing of required use during embodiment is described is briefly described, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skills, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
The handling process schematic diagram of the player method of a kind of request program that Fig. 1 provides for the embodiment of the present invention one;
A kind of program data load replacement schematic diagram that Fig. 2 provides for the embodiment of the present invention one;
The concrete structure schematic diagram of a kind of server end of managing request program that Fig. 3 provides for the embodiment of the present invention two;
The concrete structure schematic diagram of the user side of a kind of play-on-demand program that Fig. 4 provides for the embodiment of the present invention two;
The concrete structure schematic diagram of the Play System of a kind of request program that Fig. 5 provides for the embodiment of the present invention two.
Embodiment
For ease of the understanding to the embodiment of the present invention, be further explained explanation below in conjunction with accompanying drawing as an example of several specific embodiments example, and each embodiment does not form the restriction to the embodiment of the present invention.
Embodiment mono-
The handling process schematic diagram of the player method of a kind of request program that this embodiment provides as shown in Figure 1, comprises following treatment step:
Step 11: server end is that each request program distributes a program ID(mark), and generate the corresponding CEK(Content Encryption Key of each request program, contents encryption key).
CEK corresponding to request program can be random generation, for example, generate CEK with random number generator, also can generate CEK by other modes.The key length of CEK is longer, the time of encryption and decryption also longer, this can affect the broadcasting speed of request program; And key length is shorter, be more easily cracked, the safety of playing for request program is disadvantageous.The above-mentioned contradiction of comprehensive consideration, a preferred embodiment of CEK key length is 128bit.
The licence of the request program in the embodiment of the present invention is to allow user side to play the voucher of certain request program, and this licence comprises the corresponding CEK(Content Encryption of request program Key, contents encryption key) and the program ID of request program.This licence is sent to after each user side by server end, and each user side has also just obtained CEK corresponding to this request program.
CEK corresponding to request program can change, when server end is changed after CEK corresponding to request program, server end sends the new licence that comprises the CEK after renewal to each user side, thereby the licence that user side is preserved upgrades, so that each user side obtains up-to-date CEK in time.
Step 13: server end reads program data load from program file corresponding to request program, is encrypted each program data load respectively with CEK, obtains program data load ciphertext.
The program data load of request program comprises video requency frame data and audio frame number certificate, in the time encrypting, can select as required while encrypted video frame data and audio frame number according to two kinds of data, or only encrypt wherein a kind of data.
When with CEK, to program data, load is encrypted, can select all or part of program data load to be encrypted, when partial programme data payload is encrypted, the length that can select assigned address in program data load (such as or below) be above CEK key length maximum integer doubly part be encrypted.
The encrypted work amount of this step is larger, can utilize hardware to realize, thereby improves enciphering rate and fail safe.CEK is varied to the encryption method of program data load, for example, can adopt existing state close SM1 grouping symmetric encipherment algorithm.
Step 14: server end, by together with the program ID of the encryption identification position of request program and request program, is packaged into ciphering control message.
The encryption identification position of above-mentioned request program is used to refer to this request program and encrypts.Encryption identification position need to be divided and is arranged and transmits with program data load, and encryption identification position is arranged on the front end of program data load conventionally, and sends to user side before program data load.Like this in the time that user side detects encryption identification position corresponding data, if detected as encryption identification position, the request program of having thought to encrypt, the handling process of request program is encrypted in follow-up execution; Otherwise think unencrypted request program, the handling process of follow-up execution unencryption request program.
Server end using ciphering control message together with program data load ciphertext as load, replace original program data load, payload length is revised as to the length sum of ciphering control message and program data load ciphertext simultaneously, form ciphered program data.Server end is stored the ciphered program data of each request program, and the ciphered program data of request program comprise program length, ciphering control message and program data load ciphertext etc.
A kind of program data load that this embodiment provides is replaced schematic diagram as shown in Figure 2.The embodiment of the present invention is only replaced the load of program data, has revised payload length simultaneously, other control information of request program is not modified, such processing, make in transmission, can, by ciphertext program as expressly transmitting, realize the transparence of transmission.
Server end comprises memory device, hard disk as larger in capacity etc., and this memory device is for preserving the program file after the encryption of request program.
In the time that employing is encrypted partial programme data payload, in above-mentioned ciphering control message, also comprise the positional information of the partial programme data payload of encryption, such as, this positional information be before program data load or below, length is the maximum integer times part of CEK key length.
Step 15: user side starts, receives user's program request instruction.
The mode that user side receives user's program request instruction can be to receive the user instruction that remote controller be sent, and can be also to receive the user instruction that the button on user side is sent here.
Step 16: user side sends the request program playing request of carrying program ID to server end, server end obtains the ciphered program data of the request program of storage, sends to user side by these ciphered program data with the form of stream.
When user's play-on-demand program, not necessarily start from the foremost of program to play; In the playing process of request program, user also likely can carry out the operations such as drag and drop, time-out.So in the request program playing request that user side sends to server end, can also comprise the time point that request is play, server end, according to this time point, from ciphered program data corresponding to this request program, reads the program data corresponding with this time point and sends to user side.
Step 17: user side is isolated ciphering control message and program data load ciphertext from the ciphered program data of the request program that receives.Determine that according to the encryption identification in ciphering control message program file passed through encryption.According to the program ID in ciphering control message, find the licence corresponding with this request program, and then utilize the CEK deciphering program data load ciphertext in licence, obtain program data load expressly.
When program data load ciphertext being decrypted with CEK, in the time that employing is encrypted partial programme data payload, user side also obtains the positional information of the program data of encryption from ciphering control message, according to this positional information, program data load ciphertext is decrypted.
While utilizing CEK to be decrypted program data load ciphertext, can adopt the close SM1 algorithm of existing state to carry out, in order to improve deciphering speed and fail safe, deciphering also all realizes with hardware.
Step 18: user side is using program data load expressly as load, and Substitution encryption control information and program data load ciphertext are revised as payload length program data load length expressly simultaneously, form expressly program stream, and the broadcasting of decoding.
Further, in above-mentioned steps 14, server end except by encryption identification position, program ID, encrypted location Information encapsulation in ciphering control message, the version number of current request program encryption CEK used can also be encapsulated in ciphering control message.
Like this, in above-mentioned steps 17, user side after obtaining CEK corresponding to this request program from the licence of described request program, decipher each program data load ciphertext with this CEK before, also judge that whether the described CEK version number in ciphering control message is corresponding with the CEK version number in licence, if so, decipher each program data load ciphertext with this CEK; Otherwise user side sends CEK to server end and obtains request, this CEK request of obtaining comprises the CEK version number in ciphering control message.Server end obtains request according to described CEK, the CEK corresponding with described CEK version number in ciphering control message is merged in new licence, and this new licence is sent to user side.User side is deciphered each program data load ciphertext with the CEK in this new licence.
In embodiments of the present invention, in the time that server end or user side detect that CEK corresponding to request program reveals, can change immediately CEK.By changing CEK, can further improve the fail safe that request program is play.
Further, in the licence of request program, except comprising CEK corresponding to this request program, can also comprise the program authority of user side for this request program.The numerous contents of the program authority here, the content that service provider's (being the manager of server end) of every request program can limit user side, can serve as program authority.In an embodiment of program authority, it comprises that this user side allows the number of times of play-on-demand program, for example, user has only bought to request program service provider the rating power of playing certain request program for 3 times, the user side that this program authority is this user can only be play this request program 3 times, after finishing for 3 times, just can not play this request program.
Like this, after step 16 user side receives user's program request instruction, before sending the program playing request of certain request program to server end at user side, also carry out following processing procedure: user side judges that current time is whether within the allowed band of the program authority of above-mentioned certain request program, if, send the request program playing request of above-mentioned certain request program to server end, otherwise, user side does not send the program playing request of certain request program to server end, and point out current time not allow to play above-mentioned certain request program, or prompting has not had remaining broadcasting time.
Further, the embodiment of the present invention can also further be encrypted CEK, to improve the fail safe of CEK, prevents that CEK from being revealed.For this reason, in above-mentioned steps 12, also comprise following processing procedure: user side receives the PK(personal key with this user side with one-to-one relationship from server end, personal key), server end is encrypted CEK corresponding to described request program respectively with PK corresponding to each user side, and the CEK ciphertext obtaining is saved in the licence that sends to relative users end.
Like this, in above-mentioned steps 17, the method that user side obtains CEK corresponding to this request program from the licence of described request program is: user side utilizes the PK of self correspondence to be decrypted the CEK ciphertext in described licence, obtains CEK corresponding to this request program.
The encryption and decryption work of CEK being carried out with PK, can utilize hardware to realize, and a typical algorithm is state's close SM1 grouping symmetric encipherment algorithm.This is improving on the basis of encryption/decryption speed, has further improved the fail safe that request program is play.
Embodiment bis-
This embodiment provides a kind of server end of managing request program, and its concrete structure schematic diagram as shown in Figure 3, comprising:
Program data encrypting module 32, for the program data load of request program being encrypted with CEK corresponding to request program, obtain program data load ciphertext, encryption identification position and the ID of request program are packaged into ciphering control message, the encryption identification position of described request program is used to refer to this request program and encrypts, and described ciphering control message and program data load ciphertext is packaged into the ciphered program data of described request program;
Program data release module 33, for receiving the playing request of the described request program that described user side sends, sends the ciphered program data of request program to user side.
Concrete, described program data encrypting module 32 can comprise at least one in whole encryption processing module 321 and Partial encryption processing module 322,
Described whole encryption processing module 321, for whole program data loads of request program being encrypted with CEK corresponding to request program, obtain program data load ciphertext, encryption identification position and the ID of request program are packaged into ciphering control message, and the encryption identification position of described request program is used to refer to this request program and encrypts; The program length of described request program is revised as to the length sum of described ciphering control message and program data load ciphertext, the program length of described request program, ciphering control message and program data load ciphertext are packaged into the ciphered program data of described request program
Described Partial encryption processing module 322, for the partial programme data payload of described request program being encrypted with CEK corresponding to request program, described partial programme data payload comprises that the length of assigned address in described program data load is the program data load doubly of maximum integer of CEK key length, the partial programme data payload after described encryption and the load of unencrypted residue program data is formed to the program data load ciphertext of described request program; The positional information of the partial programme data payload of encryption identification position, ID and the described encryption of request program is packaged into ciphering control message; The program length of described request program is revised as to the length sum of described ciphering control message and program data load ciphertext, the program length of described request program, ciphering control message and program data load ciphertext is packaged into the ciphered program data of described request program.
Further, described program data encrypting module 32, also for being encapsulated into ciphering control message by the version number of current request program encryption CEK used;
Further, described licence release module 31, also obtain after request for receiving the CEK of the CEK version number that comprises ciphering control message that user side sends, the CEK corresponding with described CEK version number in ciphering control message merged in new licence, and this new licence is sent to user side.
Further, described licence release module 31, also for the personal key PK that has an one-to-one relationship with user side is sent to described user side, CEK corresponding to request program is encrypted to the CEK ciphertext obtaining with the PK of user side, sends the licence that comprises described CEK ciphertext to described user side.
The concrete structure of the user side of a kind of play-on-demand program that this embodiment provides as shown in Figure 4, comprising:
License obtainment module 41, the licence of the request program sending for reception server end, described licence comprises CEK corresponding to request program and mark ID, and the licence of described request program is stored;
Program data receiver module 42, the ciphered program data for reception server end to user side transmission request program, described ciphered program data comprise ciphering control message and program data load ciphertext;
Program data deciphering module 43, for obtaining the mark ID of described request program from described ciphering control message, obtain the licence of pre-stored described request program according to the ID of this request program, from this licence, obtain contents encryption key CEK corresponding to described request program, utilize CEK corresponding to described request program to be decrypted described program data load ciphertext, obtain program data load
Program playing module, for playing described program data load.
Concrete, described program data deciphering module 43, also in the time that described server end is encrypted the partial programme data payload of described request program, from described ciphering control message, obtain the positional information of the partial programme data payload of described encryption, utilize CEK corresponding to described request program to be decrypted the partial programme data payload of described encryption according to this positional information, by the described partial programme data payload after deciphering and the load of the residue of the unencrypted in described program data load ciphertext program data load composition program data.
Concrete, described program data deciphering module 43, also when comprise the version number of the current encryption of request program CEK used when described ciphering control message, obtain CEK corresponding to this request program from the licence of described request program after, judge that whether the described CEK version number in ciphering control message is corresponding with the CEK version number in licence, if so, decipher described program data load ciphertext with the CEK in licence; Otherwise, sending CEK to server end and obtain request, this CEK request of obtaining comprises CEK version number in ciphering control message, receives after the new licence that described server end sends, and deciphers described program data load ciphertext with the CEK in this new licence.
Concrete, described program data deciphering module 43, also for the personal key PK that has an one-to-one relationship with user side being sent to after described user side when server end, the PK corresponding with described user side is decrypted the CEK ciphertext in described licence, obtains CEK corresponding to described request program.
This embodiment also provides a kind of Play System of request program, and its concrete structure as described in Figure 5, comprises server end described in Fig. 3 and the user side shown in Fig. 4.
Detailed process and the preceding method embodiment of broadcasting that carries out request program by the device of the embodiment of the present invention and system is similar, repeats no more herein.
One of ordinary skill in the art will appreciate that: accompanying drawing is the schematic diagram of an embodiment, the module in accompanying drawing or flow process might not be that enforcement the present invention is necessary.
One of ordinary skill in the art will appreciate that: the module in the equipment in embodiment can be described and be distributed in the equipment of embodiment according to embodiment, also can carry out respective change and be arranged in the one or more equipment that are different from the present embodiment.The module of above-described embodiment can be merged into a module, also can further split into multiple submodules.
One of ordinary skill in the art will appreciate that all or part of flow process realizing in above-described embodiment method, can carry out the hardware that instruction is relevant by computer program to complete, described program can be stored in a computer read/write memory medium, this program, in the time carrying out, can comprise as the flow process of the embodiment of above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.
In sum, the embodiment of the present invention sends the licence of request program to user side by server end, user side utilize CEK in licence to program data load decipher, realized the controlled broadcasting of request program, greatly improved the fail safe that request program is play.
In embodiments of the present invention, in the time finding that CEK exists potential safety hazard, can upgrade CEK, then use new CEK re-encrypted program file, and replace original program file of encrypting by new program file of encrypting, avoid revealing because of CEK the adverse consequences producing.
In embodiments of the present invention, encryption and decryption work, the encryption and decryption work of CEK to program data load that PK carries out CEK, can utilize hardware to realize, thereby improve on the basis of encryption/decryption speed, further improve the fail safe that request program is play.
In embodiments of the present invention; only the loading section of program data is encrypted; and do not revise the control information in program data; so; can be by the program data of ciphertext with expressly equally transmitting, protection request program play safe in, make to transmit transparence; reduce the spending in transmission, be conducive to the application of digital copyright protection technology under differing transmission protocols.
The above; only for preferably embodiment of the present invention, but protection scope of the present invention is not limited to this, is anyly familiar with in technical scope that those skilled in the art disclose in the present invention; the variation that can expect easily or replacement, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (16)
1. a player method for request program, is characterized in that, comprising:
Server end sends the ciphered program data of request program to user side, described ciphered program data comprise ciphering control message and program data load ciphertext;
Described user side obtains the mark ID of described request program from described ciphering control message, obtains the licence of pre-stored described request program according to the ID of this request program, obtains CEK corresponding to described request program from this licence;
Described user side utilizes CEK corresponding to described request program to be decrypted described program data load ciphertext, obtains program data load, and this program data load is play.
2. the player method of request program according to claim 1, is characterized in that, described user side also comprises before receiving the ciphered program data of request program of described server end transmission:
Server end is that each request program distributes a mark ID, for each request program generates a CEK, the licence of request program is sent to user side, described licence comprises CEK and the ID that request program is corresponding, described user side is stored the licence of described request program, described user side sends the playing request of described request program to described server end, carry the ID of described request program in this playing request.
3. the player method of request program according to claim 1, is characterized in that, described server end sends the ciphered program data of request program to user side, and described ciphered program data comprise ciphering control message and program data load ciphertext, comprising:
Described server end is encrypted whole program data loads of request program with CEK corresponding to request program, obtain program data load ciphertext, encryption identification position and the ID of request program are packaged into ciphering control message, and the encryption identification position of described request program is used to refer to this request program and encrypts;
Described server end is revised as the program length of described request program the length sum of described ciphering control message and program data load ciphertext, the program length of described request program, ciphering control message and program data load ciphertext are packaged into the ciphered program data of described request program, and send to described user side.
4. the player method of request program according to claim 1, is characterized in that, described server end sends the ciphered program data of request program to user side, and described ciphered program data comprise ciphering control message and program data load ciphertext, comprising:
Described server end is encrypted the partial programme data payload of described request program with CEK corresponding to request program, described partial programme data payload comprises that the length of assigned address in described program data load is the program data load doubly of maximum integer of CEK key length, the partial programme data payload after described encryption and the load of unencrypted residue program data is formed to the program data load ciphertext of described request program;
The positional information of the partial programme data payload of encryption identification position, ID and the described encryption of request program is packaged into ciphering control message by described server end;
Described server end is revised as the program length of described request program the length sum of described ciphering control message and program data load ciphertext, the program length of described request program, ciphering control message and program data load ciphertext are packaged into the ciphered program data of described request program, and send to described user side.
5. the player method of request program according to claim 4, is characterized in that, described user side utilizes CEK corresponding to described request program to be decrypted described program data load ciphertext, obtains program data load, comprising:
Described user side obtains the positional information of the partial programme data payload of described encryption from described ciphering control message, utilize CEK corresponding to described request program to be decrypted the partial programme data payload of described encryption according to this positional information, by the described partial programme data payload after deciphering and the load of the residue of the unencrypted in described program data load ciphertext program data load composition program data.
6. according to the player method of the request program described in claim 1 to 5 any one, it is characterized in that, described method also comprises:
Described server end is encapsulated into the version number of current request program encryption CEK used in ciphering control message;
After described user side obtains CEK corresponding to this request program from the licence of described request program, judge that whether the described CEK version number in ciphering control message is corresponding with the CEK version number in licence, if so, decipher described program data load ciphertext with the CEK in licence; Otherwise, user side sends CEK to server end and obtains request, this CEK request of obtaining comprises the CEK version number in ciphering control message, described server end merges to the CEK corresponding with described CEK version number in ciphering control message in new licence, and this new licence is sent to user side, described user side is deciphered described program data load ciphertext with the CEK in this new licence.
7. according to the player method of the request program described in claim 1 to 5 any one, it is characterized in that, described method also comprises:
The PK that has an one-to-one relationship with user side is sent to described user side by server end, CEK corresponding to request program is encrypted to the CEK ciphertext obtaining with the PK of described user side, sends the licence that comprises described CEK ciphertext to described user side;
Described user side utilizes the PK of self correspondence to be decrypted the CEK ciphertext in described licence, obtains CEK corresponding to described request program.
8. a server end of managing request program, is characterized in that, comprising:
Licence release module, is used to each request program to distribute a mark ID, for each request program generates a CEK, the licence of request program is sent to user side, and described licence comprises CEK corresponding to request program and mark ID;
Program data encrypting module, for the program data load of request program being encrypted with CEK corresponding to request program, obtain program data load ciphertext, the encryption identification position of request program and I D are packaged into ciphering control message, the encryption identification position of described request program is used to refer to this request program and encrypts, and described ciphering control message and program data load ciphertext is packaged into the ciphered program data of described request program;
Program data release module, for receiving the playing request of the described request program that described user side sends, sends the ciphered program data of request program to user side.
9. the server end of management request program according to claim 8, is characterized in that, described program data encrypting module, comprising: all at least one in encryption processing module and Partial encryption processing module,
Described whole encryption processing module, for whole program data loads of request program being encrypted with CEK corresponding to request program, obtain program data load ciphertext, encryption identification position and the ID of request program are packaged into ciphering control message, and the encryption identification position of described request program is used to refer to this request program and encrypts; The program length of described request program is revised as to the length sum of described ciphering control message and program data load ciphertext, the program length of described request program, ciphering control message and program data load ciphertext are packaged into the ciphered program data of described request program
Described Partial encryption processing module, for the partial programme data payload of described request program being encrypted with CEK corresponding to request program, described partial programme data payload comprises that the length of assigned address in described program data load is the program data load doubly of maximum integer of CEK key length, the partial programme data payload after described encryption and the load of unencrypted residue program data is formed to the program data load ciphertext of described request program; The positional information of the partial programme data payload of the encryption identification position of request program, I D and described encryption is packaged into ciphering control message; The program length of described request program is revised as to the length sum of described ciphering control message and program data load ciphertext, the program length of described request program, ciphering control message and program data load ciphertext is packaged into the ciphered program data of described request program.
10. the server end of management request program according to claim 8 or claim 9, is characterized in that:
Described program data encrypting module, also for being encapsulated into ciphering control message by the version number of current request program encryption CEK used;
Described licence release module, also obtain after request for receiving the CEK of the CEK version number that comprises ciphering control message that user side sends, the CEK corresponding with described CEK version number in ciphering control message merged in new licence, and this new licence is sent to user side.
The server end of 11. management request programs according to claim 8 or claim 9, is characterized in that:
Described licence release module, also for the personal key PK that has an one-to-one relationship with user side is sent to described user side, CEK corresponding to request program is encrypted and obtains CEK ciphertext with the PK of user side, send the licence that comprises described CEK ciphertext to described user side.
The user side of 12. 1 kinds of play-on-demand programs, is characterized in that, comprising:
License obtainment module, the licence of the request program sending for reception server end, described licence comprises CEK corresponding to request program and mark ID, and the licence of described request program is stored;
Program data receiver module, the ciphered program data of the request program sending to user side for reception server end, described ciphered program data comprise ciphering control message and program data load ciphertext;
Program data deciphering module, for obtaining the mark ID of described request program from described ciphering control message, obtain the licence of pre-stored described request program according to the ID of this request program, from this licence, obtain contents encryption key CEK corresponding to described request program, utilize CEK corresponding to described request program to be decrypted described program data load ciphertext, obtain program data load
Program playing module, for playing described program data load.
The user side of 13. play-on-demand programs according to claim 12, is characterized in that:
Described program data deciphering module, also in the time that described server end is encrypted the partial programme data payload of described request program, from described ciphering control message, obtain the positional information of the partial programme data payload of described encryption, utilize CEK corresponding to described request program to be decrypted the partial programme data payload of described encryption according to this positional information, by the described partial programme data payload after deciphering and the load of the residue of the unencrypted in described program data load ciphertext program data load composition program data.
14. according to the user side of the play-on-demand program described in claim 12 or 13, it is characterized in that:
Described program data deciphering module, also when comprise the version number of the current encryption of request program CEK used when described ciphering control message, obtain CEK corresponding to this request program from the licence of described request program after, judge that whether the described CEK version number in ciphering control message is corresponding with the CEK version number in licence, if so, decipher described program data load ciphertext with the CEK in licence; Otherwise, sending CEK to server end and obtain request, this CEK request of obtaining comprises CEK version number in ciphering control message, receives after the new licence that described server end sends, and deciphers described program data load ciphertext with the CEK in this new licence.
15. according to the user side of the play-on-demand program described in claim 12 or 13, it is characterized in that:
Described program data deciphering module, also for the PK that has an one-to-one relationship with user side being sent to after described user side when server end, the PK corresponding with described user side is decrypted the CEK ciphertext in described licence, obtains CEK corresponding to described request program.
The Play System of 16. 1 kinds of request programs, is characterized in that, comprising: the user side of the play-on-demand program described in server end and claim 12 to 15 any one of the management request program described in claim 8 to 12 any one.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210541397.6A CN103873887A (en) | 2012-12-13 | 2012-12-13 | Request program playing method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210541397.6A CN103873887A (en) | 2012-12-13 | 2012-12-13 | Request program playing method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103873887A true CN103873887A (en) | 2014-06-18 |
Family
ID=50911959
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210541397.6A Pending CN103873887A (en) | 2012-12-13 | 2012-12-13 | Request program playing method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103873887A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110798713A (en) * | 2019-10-25 | 2020-02-14 | 北京东方广视科技股份有限公司 | Time-shifted television on-demand method, terminal, server and system |
| CN110876085A (en) * | 2018-09-03 | 2020-03-10 | 国家广播电视总局广播电视科学研究院 | Method, system and client for protecting multimedia content |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2004297333A (en) * | 2003-03-26 | 2004-10-21 | Ntt Comware West Corp | Digital certificate accreditation system, digital certificate accreditation server, pki token, digital certificate accreditation method and program |
| CN1633809A (en) * | 2002-01-02 | 2005-06-29 | 索尼电子有限公司 | Elementary stream partial encryption |
| CN1852420A (en) * | 2005-10-24 | 2006-10-25 | 华为技术有限公司 | Method for realizing digital copyright management of altermative network TV system |
| CN101118576A (en) * | 2006-08-02 | 2008-02-06 | 北京数码视讯科技有限公司 | System and method for realizing real time medium copyright protection |
| CN101222624A (en) * | 2007-12-07 | 2008-07-16 | 四川长虹电器股份有限公司 | Multimedia data encryption method based on AVI format |
| CN101552793A (en) * | 2009-04-29 | 2009-10-07 | 成都卫士通信息产业股份有限公司 | Method for downloading digital multimedia file and program order commission |
| CN102693386A (en) * | 2012-05-28 | 2012-09-26 | 北京网尚数字电影院线有限公司 | Method and system for encryption protection of video files |
-
2012
- 2012-12-13 CN CN201210541397.6A patent/CN103873887A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1633809A (en) * | 2002-01-02 | 2005-06-29 | 索尼电子有限公司 | Elementary stream partial encryption |
| JP2004297333A (en) * | 2003-03-26 | 2004-10-21 | Ntt Comware West Corp | Digital certificate accreditation system, digital certificate accreditation server, pki token, digital certificate accreditation method and program |
| CN1852420A (en) * | 2005-10-24 | 2006-10-25 | 华为技术有限公司 | Method for realizing digital copyright management of altermative network TV system |
| CN101118576A (en) * | 2006-08-02 | 2008-02-06 | 北京数码视讯科技有限公司 | System and method for realizing real time medium copyright protection |
| CN101222624A (en) * | 2007-12-07 | 2008-07-16 | 四川长虹电器股份有限公司 | Multimedia data encryption method based on AVI format |
| CN101552793A (en) * | 2009-04-29 | 2009-10-07 | 成都卫士通信息产业股份有限公司 | Method for downloading digital multimedia file and program order commission |
| CN102693386A (en) * | 2012-05-28 | 2012-09-26 | 北京网尚数字电影院线有限公司 | Method and system for encryption protection of video files |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110876085A (en) * | 2018-09-03 | 2020-03-10 | 国家广播电视总局广播电视科学研究院 | Method, system and client for protecting multimedia content |
| CN110798713A (en) * | 2019-10-25 | 2020-02-14 | 北京东方广视科技股份有限公司 | Time-shifted television on-demand method, terminal, server and system |
| CN110798713B (en) * | 2019-10-25 | 2021-07-13 | 北京东方广视科技股份有限公司 | Time-shifted television on-demand method, terminal, server and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7757299B2 (en) | Conditional access to digital rights management conversion | |
| TWI406569B (en) | Unit for managing audio/video data and access control method for said data | |
| US9479825B2 (en) | Terminal based on conditional access technology | |
| US20080292103A1 (en) | Method and apparatus for encrypting and transmitting contents, and method and apparatus for decrypting encrypted contents | |
| JP4666015B2 (en) | Content distribution system, content receiving terminal, and content distribution method | |
| CN100401769C (en) | Method for enciphering and deciphering living-broadcasting flow-medium data | |
| US20110113443A1 (en) | IP TV With DRM | |
| CN104298896A (en) | Method and system for managing and distributing digital rights | |
| CN101282468A (en) | Systems and methods for hardware driven program execution | |
| CN102917259A (en) | Method, system and server for playing programs in encryption manner | |
| JP6596131B2 (en) | Transmitting apparatus, receiving apparatus and conditional access system | |
| CN105049941A (en) | Multi-media file processing method and apparatus | |
| CN101621379A (en) | Method for realizing digital copyright management system and digital right management system | |
| EP3317798B1 (en) | Decrypting and decoding media assets through a secure data path | |
| CN100461199C (en) | Method and device for encrypting and de-encrypting digital content | |
| CN101204037A (en) | System and method for efficient encryption and decryption of drm rights objects | |
| CN101202883A (en) | System for numeral copyright management of IPTV system | |
| CN103873887A (en) | Request program playing method, device and system | |
| CN103414726A (en) | Method and device for transmitting multimedia resources | |
| WO2015034020A1 (en) | Transmission device, reception device, limited reception system, and limited reception method | |
| KR101012561B1 (en) | Drm contents service system and drm contents service method | |
| JP6543396B2 (en) | Transmitter, receiver and conditional access system | |
| JP6539389B2 (en) | Transmitter, receiver and conditional access system | |
| JP6596130B2 (en) | Transmitting apparatus, receiving apparatus and conditional access system | |
| CN109474840A (en) | The multicast channel method for scrambling and system that encryption double mode coexists inside and outside a kind of |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140618 |
|
| RJ01 | Rejection of invention patent application after publication |